Move hkdf_extract to wsgcrypt.h

HKDF-Extract is not used in TLS, but in QUIC. For reuse in OSCORE, move it to wsutil. Adjust comments slightly to emphasize precondition. Change-Id: I5105e7416037697b383ad58f62be285c2b7ab8b7 Reviewed-on: https://code.wireshark.org/review/25802 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Mališa Vučinić <malishav@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
author: Peter Wu <peter@lekensteyn.nl> 2018-02-15 15:23:50 +0100
committer: Alexis La Goutte <alexis.lagoutte@gmail.com> 2018-02-15 16:19:35 +0000
commit: d45bd7cb2424d4f99924aacf415c92cd7e61329a (patch)
tree: 4b981ec2f06e7d0bc7b909a58744fa5b99fd0588 /wsutil
parent: 7ae954c7ac934ea5748b6d65f1c04e8c9b90e27f (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/wsutil/wsgcrypt.h b/wsutil/wsgcrypt.h
index 52443bbcff..940006f832 100644
--- a/wsutil/wsgcrypt.h
+++ b/wsutil/wsgcrypt.h
@@ -63,5 +63,17 @@ WS_DLL_PUBLIC gcry_error_t
 hkdf_expand(int hashalgo, const guint8 *prk, guint prk_len, const guint8 *info, guint info_len,
             guint8 *out, guint out_len);
 
+/*
+ * Calculate HKDF-Extract(salt, IKM) -> PRK according to RFC 5869.
+ * Caller MUST ensure that 'prk' is large enough to store the digest from hash
+ * algorithm 'hashalgo' (e.g. 32 bytes for SHA-256).
+ */
+static inline gcry_error_t
+hkdf_extract(int hashalgo, const guint8 *salt, size_t salt_len, const guint8 *ikm, size_t ikm_len, guint8 *prk)
+{
+    /* PRK = HMAC-Hash(salt, IKM) where salt is key, and IKM is input. */
+    return ws_hmac_buffer(hashalgo, prk, ikm, ikm_len, salt, salt_len);
+}
+
 
 #endif /* __WSGCRYPT_H__ */
author	Peter Wu <peter@lekensteyn.nl>	2018-02-15 15:23:50 +0100
committer	Alexis La Goutte <alexis.lagoutte@gmail.com>	2018-02-15 16:19:35 +0000
commit	d45bd7cb2424d4f99924aacf415c92cd7e61329a (patch)
tree	4b981ec2f06e7d0bc7b909a58744fa5b99fd0588 /wsutil
parent	7ae954c7ac934ea5748b6d65f1c04e8c9b90e27f (diff)